package com.maoguo.interceptor;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.servlet.AdviceFilter;
import org.apache.shiro.web.util.WebUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

public class CustomAdviceFilter extends AdviceFilter {
    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest=(HttpServletRequest)request;
        String uri=httpServletRequest.getRequestURI();
        Subject subject = SecurityUtils.getSubject();
        if (uri.indexOf("login") !=-1)return true;
        boolean isPerm=subject.isPermitted(uri);
        System.out.println("====预处理/前置处理"+uri+"---isPerm"+isPerm);
        if (!isPerm){
            response.setCharacterEncoding("UTF-8");
            response.getWriter().write("no auth");

        }
        return isPerm;//返回false将中断后续拦截器链的执行
    }
    @Override
    protected void postHandle(ServletRequest request, ServletResponse response) throws Exception {
        //System.out.println("====后处理/后置返回处理");
    }
    @Override
    public void afterCompletion(ServletRequest request, ServletResponse response, Exception exception) throws Exception {
        //System.out.println("====完成处理/后置最终处理");
    }
}
